SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for freetype2-devel-2.6.3-5.6.1.x86_64.rpm :
Tue Feb 6 13:00:00 2018 kbabiochAATTsuse.com
- Add CVE-2016-10244.patch: Make sure that the parse_charstrings function in
type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS
through a heap-based buffer over-read or possibly have uunspecified other
impact via a crafted file (CVE-2016-10244 bsc#1028103)
- Add CVE-2017-8105.patch: Fix an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.ca (CVE-2017-8105 bsc#1035807)
- Add CVE-2017-8287.patch: an out-of-bounds write caused by a heap-based buffer
overflow related to the t1_builder_close_contour function in psaux/psobjs.c
(CVE-2017-8287 bsc#1036457)
- Add 0001-integer-overflows.patch: Fix several integer overflow issues in
truetype/ttinterp.c (bsc#1079600)

Thu May 25 14:00:00 2017 idonmezAATTsuse.com
- Add bsc-1038506.patch from upstream to fix unifont bsc#1038506

Mon Mar 28 14:00:00 2016 idonmezAATTsuse.com
- Update to version 2.6.3

* IMPORTANT CHANGES
- Khmer, Myanmar, Bengali, and Kannada script support has been
added to the auto-hinter.

* MISCELLANEOUS
- Better support of Indic scripts like Devanagari by using a
top-to-bottom hinting flow.
- All FreeType macros starting with two underscores have been
renamed to avoid a violation of both the C and C++ standards.
Example: Header macros of the form `__FOO_H__\' are now called
`FOO_H_\'. In most cases, this should be completely transparent
to the user. The exception to this is `__FTERRORS_H__\', which
must be sometimes undefined by the user to get FreeType error
strings: Both this form and the new `FTERRORS_H_\' macro are
accepted for backwards compatibility.
- Minor improvements mainly to the Type 1 driver.
- The new CFF engine now supports all Type 2 operators except
`random\'.
- The macro `_STANDALONE_\', used for compiling the B/W and smooth
rasterizers as stand-alone modules, has been renamed to
`STANDALONE_\', since macro names starting with an underscore and
followed by an uppercase letter are reserved in both C and C++.
- Function `FT_Library_SetLcdFilterWeights\' now also activates
custom LCD filter weights (instead of just adjusting them).
- Support for `unpatented hinting\' has been completely removed:
Consequently, the two functions `FT_Face_CheckTrueTypePatents\'
and `FT_Face_SetUnpatentedHinting\' now return always false,
doing nothing.

Sun Nov 29 13:00:00 2015 idonmezAATTsuse.com
- Update to version 2.6.2

* IMPORTANT CHANGES
- The auto-hinter now supports stem darkening, to be controlled by
the new `no-stem-darkening\' and `darkening-parameters\'
properties. This is an experimental feature contributed by
Nikolaus Waxweiler, and the interface might change in a future
release.
- By default, stem darkening is now switched off (for both the CFF
engine and the auto-hinter). The main reason is that you need
linear alpha blending and gamma correction to get correct
rendering results, and the latter is not yet available in most
freely available rendering stacks like X11. Applying stem
darkening without proper gamma correction leads to far too dark
rendering results.
- The meaning of `FT_RENDER_MODE_LIGHT\' has been slightly
modified. It now essentially means `no hinting along the
horizontal axis\'; in particular, no change of glyph advance
widths. Consequently, the auto-hinter is used for all scalable
font formats except for CFF. It is planned that other
font-specific rendering engines (TrueType, Type 1) will follow.

* MISCELLANEOUS
- The default LCD filter has been changed to be normalized and
color-balanced.
- For better compatibility with FontConfig, function
`FT_Library_SetLcdFilter\' accepts a new enumeration value
`FT_LCD_FILTER_LEGACY1\' (which has the same meaning as
`FT_LCD_FILTER_LEGACY\').
- A large number of bugs have been detected by using the libFuzzer
framework, which should further improve handling of invalid
fonts. Thanks again to Kostya Serebryany and Bungeman!
- `TT_CONFIG_OPTION_MAX_RUNNABLE_OPCODES\', a new configuration
option, controls the maximum number of executed opcodes within a
bytecode program. You don\'t want to change this except for very
special situations (e.g., making a library fuzzer spend less
time to handle broken fonts).
- The smooth renderer has been made faster.

Sun Oct 4 14:00:00 2015 baiduzhyi.develAATTgmail.com
- Update to version 2.6.1

* IMPORTANT BUG FIXES
- It turned out that for CFFs only the advance widths should be
taken from the `htmx\' table, not the side bearings. This bug,
introduced in version 2.6.0, makes it necessary to upgrade if
you are using CFFs; otherwise, you get cropped glyphs with GUI
interfaces like GTK or Qt.
- Accessing Type 42 fonts returned incorrect results if the glyph
order of the embedded TrueType font differs from the glyph order
of the Type 42 charstrings table.

* IMPORTANT CHANGES
- The header file layout has been changed (again), moving all
header files except `ft2build.h\' into a subdirectory tree.
Doing so reduces the possibility of header file name clashes
(e.g., FTGL\'s `FTGlyph.h\' with FreeType\'s `ftglyph.h\') on case
insensitive file systems like Mac OS X or Windows.
Applications that use (a) the `freetype-config\' script or
FreeType\'s `freetype2.pc\' file for pkg-config to get the include
directory for the compiler, and (b) the documented way for
header inclusion like
[#]include
[#]include FT_FREETYPE_H
...
don\'t need any change to the source code.
- Simple access to named instances in GX variation fonts is now
available (in addition to the previous method via FreeType\'s MM
interface). In the `FT_Face\' structure, bits 16-30 of the
`face_index\' field hold the current named instance index for the
given face index, and bits 16-30 of `style_flags\' contain the
number of instances for the given face index. `FT_Open_Face\'
and friends also understand the extended bits of the face index
parameter.
You need to enable TT_CONFIG_OPTION_GX_VAR_SUPPORT for this new
feature. Otherwise, bits 16-30 of the two fields are zero (or
are ignored).
- Lao script support has been added to the auto-hinter.

* MISCELLANEOUS
- The auto-hinter\'s Arabic script support has been enhanced.
- Superscript-like and subscript-like glyphs as used by various
phonetic alphabets like the IPA are now better supported by the
auto-hinter.
- The TrueType bytecode interpreter now runs slightly faster.
- Improved support for builds with cmake.
- The function `FT_CeilFix\' now always rounds towards plus
infinity.
- The function `FT_FloorFix\' now always rounds towards minus
infinity.
- A new load flag `FT_LOAD_COMPUTE_METRICS\' has been added; it
makes FreeType ignore pre-computed metrics, as needed by font
validating or font editing programs. Right now, only the
TrueType module supports it to ignore data from the `hdmx\'
table.
- Another round of bug fixes to better handle broken fonts, found
by Kostya Serebryany .
- Dropping upstreamed patch Dont-use-hmtx-table-for-LSB.patch.

Fri Sep 11 14:00:00 2015 zaitorAATTopensuse.org
- Add Dont-use-hmtx-table-for-LSB.patch: Fixes gnu#45520, cut off
fonts in gtk and qt. Taken from upstream git.

Thu Jun 11 14:00:00 2015 idonmezAATTsuse.com
- Update to version 2.6

* Thread safety improvements

* Thai script support has been added to the auto-hinter.

* Arabic script support has been added to the auto-hinter.

* Following OpenType version 1.7, advance widths and side bearing
values in CFFs (wrapped in an SFNT structure) are now always
taken from the `hmtx\' table.

* Following OpenType version 1.7, the PostScript font name of a
CFF font (wrapped in an SFNT structure) is now always taken from
the `name\' table. This is also true for OpenType Collections
(i.e., TTCs using CFFs subfonts instead of TTFs), where it may
have a significant difference.

* Fonts natively hinted for ClearType are now supported, properly
handling selector index 3 of the INSTCTRL bytecode instruction.

* Major improvements to the GX TrueType variation font handling.

Tue Jun 9 14:00:00 2015 fstrbaAATTsuse.com
- Merge with the version 2.5.5 from openSUSE:Factory
- Removed patches:

* CVE-2014-9656.patch

* CVE-2014-9657.patch

* CVE-2014-9658.patch

* CVE-2014-9659.patch

* CVE-2014-9660.patch

* CVE-2014-9661.patch

* CVE-2014-9662.patch

* CVE-2014-9663.patch

* CVE-2014-9664.patch

* CVE-2014-9665.patch

* CVE-2014-9666.patch

* CVE-2014-9667.patch

* CVE-2014-9668.patch

* CVE-2014-9669.patch

* CVE-2014-9670.patch

* CVE-2014-9671.patch

* CVE-2014-9672.patch

* CVE-2014-9673.patch

* CVE-2014-9674.patch

* CVE-2014-9675.patch
- Integrated in the 2.5.5 release
- Modified patches:

* don-t-mark-libpng-as-required-library.patch

* bugzilla-308961-cmex-workaround.patch

* freetype2-subpixel.patch

* freetype2-bitmap-foundry.patch

* overflow.patch
- Adapt to the new version of sources

Wed Jun 3 14:00:00 2015 fstrbaAATTsuse.com
- Modified patch:

* CVE-2014-9671.patch
- Adapt the code to correspond to the current git master of
freetype2 (fixes bsc#933247)

Fri Apr 10 14:00:00 2015 fstrbaAATTsuse.com
- Enable the bz2 compression in freetype2
- Remove patch overflow.patch from freetype2.spec where it is not
applied.
- Run spec-cleaner on the spec file.

Fri Feb 20 13:00:00 2015 nadvornikAATTsuse.com
- fixed vulnerabilities (bnc#916847, bnc#916856, bnc#916857,
bnc#916858, bnc#916859, bnc#916860, bnc#916861, bnc#916862,
bnc#916863, bnc#916864, bnc#916865, bnc#916867, bnc#916868,
bnc#916870, bnc#916871, bnc#916872, bnc#916873, bnc#916874,
bnc#916879, bnc#916881)
- CVE-2014-9656.patch
- CVE-2014-9657.patch
- CVE-2014-9658.patch
- CVE-2014-9659.patch
- CVE-2014-9660.patch
- CVE-2014-9661.patch
- CVE-2014-9662.patch
- CVE-2014-9663.patch
- CVE-2014-9664.patch
- CVE-2014-9665.patch
- CVE-2014-9666.patch
- CVE-2014-9667.patch
- CVE-2014-9668.patch
- CVE-2014-9669.patch
- CVE-2014-9670.patch
- CVE-2014-9671.patch
- CVE-2014-9672.patch
- CVE-2014-9673.patch
- CVE-2014-9674.patch
- CVE-2014-9675.patch

Sat Jan 3 13:00:00 2015 hrvoje.senjanAATTgmail.com
- Update to version 2.5.5

* IMPORTANT BUG FIXES
- Handling of uncompressed PCF files works again (bug
introduced in version 2.5.4).
- Drop freetype2-2.5.3-fix-pcf.patch, merged upstream

Mon Dec 8 13:00:00 2014 hrvoje.senjanAATTgmail.com
- Update to version 2.5.4

* IMPORTANT BUG FIXES
- A variant of vulnerability CVE-2014-2240 was identified
(cf. http://savannah.nongnu.org/bugs/?43661) and fixed
in the new CFF driver. All users should upgrade.
- The new auto-hinter code using HarfBuzz crashed for some
invalid fonts.
- Many fixes to better protect against malformed input.

* IMPORTANT CHANGES
- Full auto-hinter support of the Devanagari script.
- Experimental auto-hinter support of the Telugu script.
- CFF stem darkening behaviour can now be controlled at
build time using the eight macros
CFF_CONFIG_OPTION_DARKENING_PARAMETER_{X,Y}{1,2,3,4} .
- Some fields in the `FT_Bitmap\' structure have been changed
from signed to unsigned type, which better reflects
the actual usage. It is also an additional means to
protect against malformed input. This change doesn\'t break
the ABI; however, it might cause compiler warnings.

* MISCELLANEOUS
- Improvements to the auto-hinter\'s algorithm to recognize
stems and local extrema.
- Function `FT_Get_SubGlyph_Info\' always returned an error
even in case of success.
- Version 2.5.1 introduced major bugs in the cjk part of
the auto-hinter, which are now fixed.
- The `FT_Sfnt_Tag\' enumeration values have been changed to
uppercase, e.g. `FT_SFNT_HEAD\'. The lowercase variants
are deprecated. This is for orthogonality with all other
enumeration (and enumeration-like) values in FreeType.
- `cmake\' now supports builds of FreeType as an OS X framework
and for iOS.
- Improved project files for vc2010,
introducing a property file
- The documentation generator for the API reference has been
updated to produce better HTML code (with proper CSS).
At the same time, the documentation got a better structure.
- The FT_LOAD_BITMAP_CROP flag is obsolete; it is not used
by any driver.
- The TrueType DELTAP[123] bytecode instructions now work in
subpixel hinting mode as described in the ClearType
whitepaper (i.e., for touched points in the
non-subpixel direction).
- Many small improvements to the internal arithmetic routines.
- Rebase don-t-mark-libpng-as-required-library.patch,
bugzilla-308961-cmex-workaround.patch, freetype2-subpixel.patch,
freetype2-bitmap-foundry.patch and overflow.patch
- Add freetype2-2.5.3-fix-pcf.patch from upstream to resolve
http://savannah.nongnu.org/bugs/?43774, \"Freetype 2.5.4 does not
load ungzipped PCF fonts\"

Thu Mar 27 13:00:00 2014 nadvornikAATTsuse.com
- get 2.5.3 from Factory as it fixes
CVE-2014-2240 CVE-2014-2241 (bnc#867620)

Thu Mar 13 13:00:00 2014 hrvoje.senjanAATTgmail.com
- Improve don-t-mark-libpng-as-required-library.patch: also handle
Requires.private case (freetype does not include png headers)

Sun Mar 9 13:00:00 2014 hrvoje.senjanAATTgmail.com
- Update to version 2.5.3

* IMPORTANT BUG FIXES
- A vulnerability was identified and fixed in the new CFF
driver (cf. http://savannah.nongnu.org/bugs/?41697; it
doesn\'t have a CVE number yet). All users should upgrade.
- More bug fixes related to correct positioning of
composite glyphs.
- Many fixes to better protect against malformed input.

* IMPORTANT CHANGES
- FreeType can now use the HarfBuzz library to greatly improve
the auto-hinting of fonts that use OpenType features:
Many glyphs that are part of such features but don\'t have
cmap entries are now handled properly, for example small
caps or superscripts. Define the configuration macro
FT_CONFIG_OPTION_USE_HARFBUZZ to activate HarfBuzz support.
You need HarfBuzz version 0.9.19 or newer. Note that HarfBuzz
depends on FreeType; this currently causes a chicken-and-egg
problem that can be solved as follows in case HarfBuzz
is not yet installed on your system.
1. Compile and install FreeType without the configuration
macro FT_CONFIG_OPTION_USE_HARFBUZZ.
2. Compile and install HarfBuzz.
3. Define macro FT_CONFIG_OPTION_USE_HARFBUZZ, then
compile and install FreeType again.
With FreeType\'s `configure\' script the procedure boils
down to configure, build, and install Freetype, then
configure, compile, and install HarfBuzz, then configure,
compile, and install FreeType again (after executing
`make distclean\').
- All libraries FreeType depends on are now checked
using the `pkg-config\' configuration files first,
followed by alternative methods.
- The new value `auto\' for the various `--with-XXX\'
library options (for example `--with-harfbuzz=auto\')
makes the `configure\' script automatically link to the
libraries it finds. This is now the default.
- In case FreeType\'s `configure\' script can\'t find a
library, you can pass environment variables to circumvent
pkg-config, and those variables have been harmonized as
a consequence of the changes mentioned above:
LIBZ -> removed; use LIBZ_CFLAGS and LIBZ_LIBS
LIBBZ2 -> removed; use BZIP2_CFLAGS and BZIP2_LIBS
LIBPNG_LDFLAGS -> LIBPNG_LIBS
`./configure --help\' shows all available environment variables.
- The `freetype-config\' script now understands
option `--static\' to emit static linking information.
- Due to buildsystem changes, rename and rebase
don-t-mark-libpng-as-required-library-in-freetype-co.patch to
don-t-mark-libpng-as-required-library.patch

Thu Dec 12 13:00:00 2013 hrvoje.senjanAATTgmail.com
- Added patches:

* don-t-mark-libpng-as-required-library-in-freetype-co.patch: it\'s
private in pkgconfig file, and causes issues in downstream
packages
- As per patch, remove libpng-devel Requires from devel package

Wed Dec 11 13:00:00 2013 arvidjaarAATTgmail.com
- freetype2 pkgconfig now includes -lpng16; make sure freetype2-devel
Requires libpng-devel

Tue Dec 10 13:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to version 2.5.2

* Fixed bug that made FreeType crash on some popular (but not
fully conformant) fonts like `ahronbd.ttf\'

* Another round of improvements to correct positioning and hinting
of composite glyphs in TrueType fonts

* Fixed bug introduced in version 2.5.1: handling embedded
bitmap strikes of TrueType fonts, caused garbage display
under some circumstances

* Fixed `ftgrid\' demo program compilation in non-development
builds
- Droped fix-compile-in-non-debug.patch, included in this release

Wed Nov 27 13:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to version 2.5.1

* For some WinFNT files, the last glyph wasn\'t displayed but
incorrectly marked as invalid.

* The vertical size of glyphs was incorrectly set after a call to
`FT_GlyphSlot_Embolden\', resulting in clipped glyphs.

* Many fields of the `PCLT\' table in SFNT based fonts (if accessed
with `FT_Get_Sfnt_Table\') were computed incorrectly.

* In TrueType fonts, hinting of composite glyphs could sometimes
deliver incorrect positions of components or even distorted
shapes.

* WOFF font format support has been added.

* The auto-hinter now supports Hebrew. Greek and Cyrillic support
has been improved.

* Support for the forthcoming `OS/2\' SFNT table version 5, as can
be found e.g. in the `Sitka\' font family for Windows 8.1.

* The header file layout has been changed. After installation,
all files are now located in `/include/freetype2\'.
Applications that use (a) `freetype-config\' or FreeType\'s
`pkg-config\' file to get the include directory for the compiler,
and (b) the documented way for header inclusion like
[#]include or #include FT_FREETYPE_H
don\'t need any change to the source code.

* The stem darkening feature of the new CFF engine can now be
fine-tuned with the new `darkening-parameters\' property.

* `ftgrid\' has been updated to toggle various engines with the `H\'
key, similar to `ftview\' and `ftdiff\'.

* The functionality of `ttdebug\' has been greatly enhanced.
. It now displays twilight, storage, and control value data; key

* Better support of ARMv7 and x86_64 processors.

* Apple\'s `sbix\' color bitmap format is now supported.

* Improved auto-hinter rendering for many TrueType fonts,
especially in the range 20-40ppem.

* A new face flag `FT_FACE_FLAG_COLOR\' has been added (to be
accessed with the macro `FT_HAS_COLOR\').

* `FT_Gzip_Uncompress\' (modeled after zlib\'s `uncompress\'
function) has been added; this is a by-product of the newly
added WOFF support.

* Support for a build with `cmake\' has been contributed by John
Cary .

* Support for x64 builds with Visual C++ has been contributed by
Kenneth Miller

* Manual pages for most demo programs have been added.

* The GETINFO bytecode instruction for TrueType fonts was buggy if
used to retrieve subpixel hinting information. It was necessary
to set selector bit 6 to get results for selector bits 7-10,
which is wrong.

* Improved computation of emulated vertical metrics for TrueType
fonts.

* Fixed horizontal start-up position of vertical phantom points in
TrueType bytecode.
- Rebase freetype2-subpixel.patch to current release
- Added fix-compile-in-non-debug.patch, fixes release build of ftdemos
- Added overflow.patch for resolving post-build-check detected error:
I: Statement is overflowing a buffer

Wed Jul 3 14:00:00 2013 idonmezAATTsuse.com
- Update to version 2.5.0.1

* The cache manager function `FTC_Manager_Reset\' didn\'t flush the
cache.

* Behdad Esfahbod (on behalf of Google) contributed support for
color embedded bitmaps (eg. color emoji).

* The old FreeType CFF engine is now disabled by default.

* All code related to macro FT_CONFIG_OPTION_OLD_INTERNALS
has been removed.

* The property API (`FT_Property_Get\' and `FT_Property_Set\') is
now declared as stable.

* Another round of TrueType subpixel hinting fixes.

* 64bit compilation of the new CFF engine was buggy.

* Some fixes to improve robustness in memory-tight situations.
- Add dependency on libpng-devel for color emoji support.
- Drop freetype-new-cff-engine.patch, upstream now.

Sun Jun 9 14:00:00 2013 crrodriguezAATTopensuse.org
- Library and tools must be compiled with large file
support in 32 bit archs just like the rest of system.

Fri May 10 14:00:00 2013 idonmezAATTsuse.com
- Update to version 2.4.12

* A new CFF rendering engine from Adobe

* The macro FT_CONFIG_OPTION_OLD_INTERNALS is no longer set by
default.
- freetype-new-cff-engine.patch: Enable the new CFF engine by default.
- Drop freetype2-no_rpath.patch, not needed.

Fri Jan 11 13:00:00 2013 jwAATTsuse.com
- Rediffed patches.
- CVE-2012-5668.patch, CVE-2012-5669.patch, CVE-2012-5670.patch nothing to do.

Thu Dec 20 13:00:00 2012 idonmezAATTsuse.com
- Update to version 2.4.11

* Some vulnerabilities in the BDF implementation have been fixed.

* Support for OpenType collections (OTC) has been added.

* Pure CFF fonts within an SFNT wrapper are now supported.

* Minor rendering improvements to the auto-hinter.

* `FT_GlyphSlot_Oblique\' now uses a shear angle of 12°.
- Modify freetype2-subpixel.patch for new subpixel hinting option.
- Drop fix-build.patch: no longer needed

Sun Jun 17 14:00:00 2012 idonmezAATTsuse.com
- Update to version 2.4.10

* Incremental glyph loading as needed by ghostscript was broken.

* A new function `FT_Outline_EmboldenXY\'

* The glyph spacing computation in `FT_GlyphSlot_Embolden\' (and
similar code in `ftview\') has been improved.

* Minor improvements to the TrueType bytecode interpreter and
glyph loader, the auto-hinter, and the B/W rasterizer.

Wed May 9 14:00:00 2012 crrodriguezAATTopensuse.org
- USe -std=gnu99 in all targets not only on ARM

Fri Mar 30 14:00:00 2012 idonmezAATTsuse.com
- Unbreak SLE builds

Thu Mar 8 13:00:00 2012 idonmezAATTsuse.com
- Update to version 2.4.9

* Fixes CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129,
CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133,
CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137,
CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141,
CVE-2012-1142, CVE-2012-1143, CVE-2012-1144

* The `ENCODING -1 \' format of BDF fonts is now supported.

* For BDF fonts, support for the whole Unicode encoding range has
been added.

* Better TTF support for x_ppem != y_ppem.

* `FT_Get_Advances\' sometimes returned bogus values.

Tue Feb 14 13:00:00 2012 cfarrellAATTsuse.com
- license update: SUSE-Freetype or GPL-2.0+
Use SUSE- proprietary prefix until upstream spdx.org accepts Freetype as
official license

Tue Feb 14 13:00:00 2012 saschpeAATTsuse.de
- Ran spec-cleaner
- Add devel-static provides to devel package (shared library policy)

Thu Dec 22 13:00:00 2011 tiwaiAATTsuse.de
- provide libfreetype.la for older distros; otherwise it breaks
too many package builds in M17N repo
- fix build on FACTORY by owning aclocal dir

Tue Nov 15 13:00:00 2011 idonmezAATTsuse.com
- Update to version 2.4.8

* Some vulnerabilities in handling CID-keyed PostScript fonts have
been fixed; see CVE-2011-3439

* Chris Liddell contributed a new API, `FT_Get_PS_Font_Value\', to
retrieve most of the dictionary keys in Type 1 fonts.

Tue Oct 18 14:00:00 2011 idonmezAATTsuse.com
- Update to version 2.4.7

* Some vulnerabilities in handling Type 1 fonts have been fixed;
see CVE-2011-3256.

* FreeType now properly handles ZapfDingbats glyph names while
constructing a Unicode character map (for fonts which don\'t have
one).

Fri Jul 29 14:00:00 2011 idonmezAATTnovell.com
- Update to version 2.4.6

* For TrueType based fonts, the ascender and descender values were
incorrect sometimes (off by a pixel if the ppem value was not a
multiple of 5). Depending on the use you might now experience
a different layout; the change should result in better, more
consistent line spacing.

* Fix CVE-2011-0226 which causes a vulnerability while handling
Type 1 fonts.

* BDF fonts containing glyphs with negative values for ENCODING
were incorrectly rejected. This bug has been introduced in
FreeType version 2.2.0.

* The behaviour of FT_STROKER_LINEJOIN_BEVEL has been corrected.

* A new line join style, FT_STROKER_LINEJOIN_MITER_FIXED, has
been introduced to support PostScript and PDF miter joins.

* FT_STROKER_LINEJOIN_MITER_VARIABLE has been introduced as an
alias for FT_STROKER_LINEJOIN_MITER.

* Various stroking glitches has been fixed

* SFNT bitmap fonts which contain an outline glyph for `.notdef\'
only no longer set the FT_FACE_FLAG_SCALABLE flag.
- Drop bnc704612_othersubr.diff, applied upstream

Fri Jul 22 14:00:00 2011 keAATTsuse.de
- added bnc704612_othersubr.diff, CVE-2011-0226, bnc#704612.

Thu Jul 7 14:00:00 2011 idonmezAATTnovell.com
- Clean spec file
- Disable static libraries
- Drop unneeded use_unix.diff
- Disable newly introduced bzip2 support, it seems to create
problems with subpixel rendering

Sat Jun 25 14:00:00 2011 idonmezAATTnovell.com
- Update to version 2.4.5

* A rendering regression for second-order Bézier curves has been
fixed, introduced in 2.4.3.

* If autohinting is not explicitly disabled, FreeType now uses
the autohinter if a TrueType based font doesn\'t contain native
hints.

* The load flag FT_LOAD_IGNORE_GLOBAL_ADVANCE_WIDTH has been made
redundant and is simply ignored; this means that FreeType now
ignores the global advance width value in TrueType fonts.

* `FT_Sfnt_Table_Info\' can now return the number of SFNT tables of
a font.

* Support for PCF files compressed with bzip2 has been contributed
by Joel Klinghed. To make this work, the OS must provide a
bzip2 library.

* Again some fixes to better handle broken fonts.

* Some improvements to the B/W rasterizer.

* Fixes to the cache module to improve robustness.

* Just Fill Bugs contributed (experimental) code to compute blue
zones for CJK Ideographs, improving the alignment of horizontal
stems at the top or bottom edges.
- Dropped the following patches:

* bnc628213_1797.diff (fixed upstream)

* bnc641580_CVE-2010-3311.diff (fixed upstream)

* ft2-stream-compat.diff (only needed for SLE8->SLE9 update)
- Add libbz2-devel to BuildRequires to enable bzip2 support

Mon Feb 28 13:00:00 2011 jwAATTnovell.com
- bnc#647375: CVE-2010-3855.diff already fixed upstream.
- bnc#647375: CVE-2010-3814.diff already fixed upstream.

Tue Dec 7 13:00:00 2010 jwAATTnovell.com
- several old patches got lost, reapplying:

* added bnc641580_CVE-2010-3311.diff for bnc#641580

* bnc633943_CVE-2010-3054 nothing to do.

* bnc633938_CVE-2010-3053 nothing to do.

Mon Dec 6 13:00:00 2010 cristian.rodriguezAATTopensuse.org
- exclude
*.a
*.la files from -devel package

Sat Dec 4 13:00:00 2010 pascal.bleserAATTopensuse.org
- Updated to version 2.4.4:

* [truetype] better multi-threading support

* [truetype] identify the tricky fonts by cvt/fpgm/prep checksums; some Latin TrueType fonts are still expected to be unhinted

* [type1] fix matrix normalization

* [type1] improve guard against malformed data

* [ftsmooth] improve rendering

* [ftraster] fix rendering

Fri Oct 29 14:00:00 2010 fisiuAATTopensuse.org
- Updated to version 2.4.3:
+ Fix rendering of certain cubic, S-shaped arcs. This regression
has been introduced in version 2.4.0.
+ Handling of broken fonts has been further improved.

Thu Aug 12 14:00:00 2010 jwAATTnovell.com
- bnc#628213: added bnc628213_1797.diff
- bnc#629447: CVE-2010-2805..8 are already fixed in upstream 2.4.2
- bnc#619562: CVE-2010-2497,2498,2499,2500,2519,2520 dito.

Mon Aug 9 14:00:00 2010 tiwaiAATTsuse.de
- updated to version 2.4.2:
Another serious bug in the CFF font module has been found,
together with more exploitable vulnerabilities in the T42 font
driver.

Tue Jul 20 14:00:00 2010 tiwaiAATTsuse.de
- updated to version 2.4.1:

* major version up

* bytecode interpreter is enabled as default in the upstream

* doc-reference is redundant, removed

Fri Jun 4 14:00:00 2010 cooloAATTnovell.com
- reenable bitmap foundaries (bnc#596559)

Sat Apr 24 14:00:00 2010 cooloAATTnovell.com
- buildrequire pkg-config to fix provides

Tue Apr 6 14:00:00 2010 ajAATTsuse.de
- Adjust baselibs.conf for changes

Tue Apr 6 14:00:00 2010 cooloAATTnovell.com
- fix obsoletes/provides

Mon Apr 5 14:00:00 2010 cooloAATTnovell.com
- leave freetype2 behind and only go with shared library package

Sun Apr 4 14:00:00 2010 ajAATTsuse.de
- Fix baselibs.conf for renamed libs

Wed Mar 31 14:00:00 2010 cooloAATTnovell.com
- update to version 2.3.12:
brings considerable improvements for b/w rasterizing of hinted
TrueType fonts at small sizes, see NEWS for more details
- fixed build without sysvinit in the build system
- disable no longer compiling patch that should be upstream or dead
- split out shared library policy package
- remove old patches

Mon Dec 14 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source

Fri Nov 6 13:00:00 2009 tiwaiAATTsuse.de
- make -std=gnu99 cfalgs to be ARM-specific

Tue Nov 3 13:00:00 2009 cooloAATTnovell.com
- updated patches to apply with fuzz=0

Sun Aug 2 14:00:00 2009 jansimon.moellerAATTopensuse.org
- ARM build needs -std=gnu99 in CFLAGS

Mon Jul 27 14:00:00 2009 tiwaiAATTsuse.de
- updated to version 2.3.8:

* see URLs below
http://www.freetype.org/index2.html#release-freetype-2.3.8
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=653641
- updated to version 2.3.9:

* see URLs below
http://www.freetype.org/index2.html#release-freetype-2.3.9
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=667610
- fix builds with older distros

Tue Jul 7 14:00:00 2009 meissnerAATTnovell.com
- require zlib-devel- from freetype2-devel-
bnc#519192

Thu Apr 16 14:00:00 2009 nadvornikAATTsuse.cz
- fixed integer overflows [bnc#485889] CVE-2009-0946

Mon Mar 9 13:00:00 2009 crrodriguezAATTsuse.de
- freetype2 has subpixel rendering enabled [bnc#478407]


 
ICM